services

package
v0.0.2 Latest Latest
Warning

This package is not in the latest version of its module.

 Go to latest Published: Jun 1, 2021 License: MIT Imports: 10 Imported by: 0

Documentation

Index

Constants

This section is empty.

Variables

View Source 
var (
	ErrRoleExists     = errors.New("role exists already")
	ErrUserExists     = errors.New("user exists already")
	ErrIdentityExists = errors.New("identity exists already")
)

Functions

func AddRole 

func AddRole(ctx context.Context, namespace, name string, rules []domain.Rule) (*domain.Role, error)

Add a Role to the namespace with a name. Attach the rules provided

func AddUser 

func AddUser(ctx context.Context, namespace, name, password string, certificates []domain.Certificate, roles []domain.Role) (*domain.User, error)

AddGuest adds a user and identity that has namespace:name and attaches the provided set of roles to the identity Username will be set to same as name Password can be empty, in which case no password is needed to log in Any certificates provided are added to the identity A name can be generated using factory.NewUsername

func AssertSoidNamespace 

func AssertSoidNamespace(ctx context.Context) error

AssertSoidNamespace is called when we need to assert that the basic data in the SOID namespace are there for SOID to work properly. It is typically called upon startup of the application

func AssertSystemNamespace 

func AssertSystemNamespace(ctx context.Context) error

AssertSystemNamespace is called when we need to assert that the basic data in the system namespace are there for SOID to work properly. It is typically called upon startup of the application

func Check 

func Check(ctx context.Context, identityId int32, objectType, namespace, operation, entityId string) (int, error)

Check the permissions for a certain combination of namespace/entity and identity

func CheckAccess 

func CheckAccess(ctx context.Context, identityID uint, namespace, name, operation, objectType string, instances []domain.Metadata) error

CheckAccess returns nil if the operation is allowed, otherwis an error is returned

func CreateAdminUser 

func CreateAdminUser(ctx context.Context, namespace, username, password string) (*domain.User, error)

func CreateDefaultSoidRoles 

func CreateDefaultSoidRoles(ctx context.Context, namespace string) error

func CreateGuestUser 

func CreateGuestUser(ctx context.Context, namespace string) (*domain.User, error)

func CreateIdentity 

func CreateIdentity(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.Identity) error) (*domain.Identity, error)

func CreateRole 

func CreateRole(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.Role) error) (*domain.Role, error)

func CreateRule 

func CreateRule(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.Rule) error) (*domain.Rule, error)

func CreateRuleFromTemplate 

func CreateRuleFromTemplate(ctx context.Context, namespace, name string, other *domain.Rule) (*domain.Rule, error)

func CreateUser 

func CreateUser(ctx context.Context, namespace string, fn func(ctx context.Context, user *domain.User) error) (*domain.User, error)

func DefaultSoidAdminRules 

func DefaultSoidAdminRules(ctx context.Context, namespace string) []domain.Rule

func DefaultSoidGuestRules 

func DefaultSoidGuestRules(ctx context.Context, namespace string) []domain.Rule

func GetUserFromSession 

func GetUserFromSession(ctx context.Context, sessionID uint) (*domain.User, error)

func IdentifyByPassword 

func IdentifyByPassword(ctx context.Context, namespace, username, password string) (*domain.Identity, error)

func InitializeNamespace 

func InitializeNamespace(ctx context.Context, namespace, adminuser, adminpass string) error

func Login 

func Login(ctx context.Context, namespace, username, password string) (*domain.Session, error)

func Logout 

func Logout(ctx context.Context, sessionID uint) error

func RecreateRoot 

func RecreateRoot(ctx context.Context, rootUsername, rootPassword string) error

RecreateRoot removes the old rootID and recreates it with a new username/password and at the same time ensures the AllowAll rule and the Root Role exists

func RegisterAccess 

func RegisterAccess(ctx context.Context, sessionID uint, ipAddress string) error

func Validate 

func Validate(ctx context.Context, sessionID uint) error

Validate if the session is still valid.

func ValidateRole 

func ValidateRole(ctx context.Context, namespace, name string, hasRules []domain.Rule) (*domain.Role, error)

Validate that a role with the namespace/name has roles that are attached to the rules that are as permissive as the provided rules. The role/rules will be recreated if they don't apply

func ValidateRule 

func ValidateRule(ctx context.Context, ruleNamespace, ruleName string, other *domain.Rule) (*domain.Rule, error)

ValidateRule makes sure there exists a rule in ruleNamespace:ruleName that is as permissive as the other rule

Types

This section is empty.

Source Files

View all Source files

Jump to

Keyboard shortcuts

? : This menu
/ : Search site
f or F : Jump to
y or Y : Canonical URL
go.dev uses cookies from Google to deliver and enhance the quality of its services and to analyze traffic. Learn more.